US10554431B2 - Method for device having WLAN function to access network and device for implementing method - Google Patents
Method for device having WLAN function to access network and device for implementing method Download PDFInfo
- Publication number
- US10554431B2 US10554431B2 US15/525,602 US201515525602A US10554431B2 US 10554431 B2 US10554431 B2 US 10554431B2 US 201515525602 A US201515525602 A US 201515525602A US 10554431 B2 US10554431 B2 US 10554431B2
- Authority
- US
- United States
- Prior art keywords
- key
- unique identification
- identification information
- intelligent terminal
- wlan
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/50—Secure pairing of devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/70—Services for machine-to-machine communication [M2M] or machine type communication [MTC]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/02—Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
- H04W84/10—Small scale networks; Flat hierarchical networks
- H04W84/12—WLAN [Wireless Local Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L2012/284—Home automation networks characterised by the type of medium used
- H04L2012/2841—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L2012/2847—Home automation networks characterised by the type of home appliance used
- H04L2012/285—Generic home appliances, e.g. refrigerators
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/73—Access point logical identity
Definitions
- the disclosure relates to the technical field of network communications, and in particular to the technical field of smart home.
- Intelligent home appliances refer to the technology that, based on functions of conventional home appliances, combines various appliance sub-systems associated with home living with each other, and intelligently control and manage them via a network according to personal requirement using computer technology, network communication technology and the like, thereby achieving a new people-oriented home living experience.
- a user in a good existing smart home solution, after bringing home a washing machine, a refrigerator or an electric lamp which is equipped with WLAN modules, a user enables a smart phone having a wireless local area network WLAN function to access to a wireless access device AP of his home, thereby accessing to the network, and then downloads from the network and installs an APP (Application) specified by the intelligent home appliance supplier.
- the smart phone After the APP is installed, the smart phone transmits the network name SSID and the login password of the AP to which the smart phone accesses through the WLAN function.
- the intelligent home appliance may sniff and acquire the network name SSID and the login password of the AP using their WLAN modules and access to the AP, thereby accessing to the network.
- This solution is easy to operate for the user, and has a low cost for the manufacturer, thereby facilitating promotion of smart home systems.
- this solution has serious security problems, of which a most serious one is that, the intelligent appliances being able to sniff and acquire the SSID and the login password of the AP indicates that other intelligent devices can also sniff and acquire the SSID and the login password of the AP, which provides possibilities for unauthorized use of the wireless network, leakage of user privacy and even unlawful practices.
- a method for a WLAN-enabled device to access to a network and a device for implementing the method are provided according to the present disclosure, in order to solve the security problem mentioned in BACKGROUND, such that users can enjoy the convenience brought by the smart home systems without worries.
- a method for a WLAN-enabled device to access to a network is provided.
- the method relates to at least a WLAN-enabled device 10 , an intelligent terminal device 20 , and a wireless access device 30 , where a key material 11 is preset in the WLAN-enabled device 10 .
- access information 31 of the wireless access device 30 is required to be known by the intelligent terminal device 20 .
- the access information 31 generally includes an SSID and a password of an AP, or includes the SSID and a certificate of the AP.
- the method includes:
- the key material 11 may include a pre-shared key KEY 0 , where the KEY 0 is distributed by a key center KC.
- the key material 11 may include unique identification information 12 of the WLAN-enabled device 10 .
- a WLAN-enabled device for implementing the above method is further provided according to the present disclosure.
- the device includes a storage unit 101 , a transceiving unit 201 , and a processing unit 301 , where
- the key material 11 may include a pre-shared key KEY 0 , where the KEY 0 is distributed by a key center KC.
- the key material 11 may include unique identification information 12 of the WLAN-enabled device 10 .
- the intelligent terminal device 20 includes a storage unit 102 , a transceiving unit 202 , and a processing unit 302 , where
- the key material 11 may include a pre-shared key KEY 0 , where the KEY 0 is distributed by a key center KC.
- the key material 11 may include unique identification information 12 of the WLAN-enabled device 10 .
- the security problem can be solved by using a key material preset in the WLAN-enabled device.
- the user experience is not influenced, and for the manufacturer, the additional cost for the WLAN-enabled device is low.
- FIG. 1 is a schematic diagram of an existing smart home solution
- FIG. 2 is a schematic diagram of a core architecture of a smart home solution according to the present disclosure
- FIG. 3 is a flow chart of a method for a WLAN-enabled device to access to a network according to the present disclosure
- FIG. 4 is a schematic diagram of an implementation based on a pre-shared key of the method for a WLAN-enabled device to access to a network according to the present disclosure
- FIG. 5 is a schematic diagram of an implementation based on a unique identifier ID of the method for a WLAN-enabled device to access to a network according to the present disclosure
- FIG. 6 is a schematic structural diagram of a WLAN-enabled device according to the present disclosure.
- FIG. 7 is a schematic structural diagram of an intelligent terminal device according to the present disclosure.
- the method relates to at least a WLAN-enabled device 10 , an intelligent terminal device 20 and a wireless access device 30 , where a key material 11 is preset in the WLAN-enabled device 10 .
- the WLAN-enabled device 10 may include various devices having WLAN functions or equipped with WLAN modules and capable of functioning as network nodes, such as household appliances, gaming machines, media players and vehicles.
- the intelligent terminal device 20 may be an electronic device having a human-computer interaction interface, such as a cell phone, a computer, a PDA, and a tablet computer.
- the access information 31 of the wireless access device 30 is required to be known by the intelligent terminal device 20 .
- the access information 31 generally includes an SSID and a password of an AP, or includes the SSID and a certificate of the AP.
- the method includes the following steps S 1 to S 3 .
- step S 1 the intelligent terminal device 20 acquires a key KEY 1 .
- the KEY 1 may be acquired from outside of the intelligent terminal device 20 or locally generated in the intelligent terminal device 20 .
- the KEY 1 is generated using the key material 11 of the WLAN-enabled device and unique identification information 21 of the intelligent terminal device 20 .
- step S 2 the intelligent terminal device 20 encrypts the access information 31 of the wireless access device 30 known by the intelligent terminal device 20 using the key KEY 1 , and transmits the encrypted access information 31 as well as its own unique identification information 21 .
- the unique identification information 21 is information (for example, an MAC address) according to which the intelligent terminal device 20 can be uniquely determined. That is, the unique identification information 21 has a one-to-one correspondence with the intelligent terminal device 20 , such that the intelligent terminal device 20 can be determined according to the unique identification information 21 .
- step S 3 the WLAN-enabled device 10 receives the unique identification information 21 and the encrypted access information 31 , generates the KEY 1 using the unique identification information 21 and the preset key material 11 , and decrypts the encrypted access information 31 using the KEY 1 , to acquire the access information 31 .
- the WLAN-enabled device 10 can access to the wireless access device 30 using the access information 31 , thereby accessing to the network.
- this method it is effectively avoided that other people sniffs and acquires the access information of the wireless access device 30 , specially the password or the certificate, thereby preventing security problems.
- two specific implementations are provided according to the present disclosure, which includes a first implementation based on a pre-shared key mechanism and a second implementation based on a unique identifier ID.
- a pre-shared key KEY 0 is adopted as the key material 11 .
- the pre-shared key KEY 0 is distributed by a key distribution center KC to the WLAN-enabled device 10 .
- the key distribution center KC is responsible for generation, distribution and centralized management of pre-shared keys, thereby ensuring security of the pre-shared keys.
- This implementation includes the following steps S 10 to S 60 .
- step S 10 the intelligent terminal device 20 transmits its own unique identification information 21 to the key distribution center KC.
- step S 20 the key distribution center KC derives the key KEY 1 based on the KEY 0 and the unique identification information 21 .
- step S 30 the key distribution center KC transmits the KEY 1 to the intelligent terminal device 20 .
- step S 40 the intelligent terminal device 20 encrypts the access information 31 of the wireless access device 30 using the KEY 1 .
- step S 50 the intelligent terminal transmits the encrypted access information 31 as well as its own unique identification information 21 via WLAN.
- step S 60 the WLAN-enabled device 10 receives the unique identification information 21 and the encrypted access information 31 , generates the KEY 1 using the unique identification information 21 and the preset pre-shared key KEY 0 , and decrypts the encrypted access information 31 using the KEY 1 , to acquire the access information 31 .
- the WLAN-enabled device 10 can access to the wireless access device 30 using the decrypted access information 31 , thereby accessing to the network.
- the steps S 10 to S 30 are implemented in the following manner.
- the user logs into an APP on the intelligent terminal device 20 .
- the APP submits user registration information (which may adopt a username-password mechanism) and the unique identification information 21 to the key distribution center KC.
- the KC firstly authenticates a user identity based on the APP user registration information, and then determines whether the KEY 1 is stored in the APP according to key distribution request information upon successful authentication.
- the KC derives the key KEY 1 using the KEY 0 and the unique identification information 21 and distributes the key KEY 1 to the APP in a case that the KEY 1 is not stored in the APP, and does not distribute the KEY 1 in a case that the KEY 1 is stored in the intelligent terminal device 20 and does not need to be updated.
- the advantage of this manner lies in that security of the overall solution may be further enhanced by managing and controlling the APP.
- the APP is easy to use for the user and thus has a good user experience.
- the steps S 50 to S 60 may be implemented in the following manner.
- the intelligent terminal device 20 issues an access configuration announcement via an air interface by transmitting a specific address data frame (a specific multicast address) or a WLAN management frame.
- Announcement information includes the access information 31 encrypted using the KEY 1 and includes the unique identification information 21 .
- a management frame of a currently reserved type may be used, and the access configuration announcement is packaged in a data frame body of the management frame.
- the access configuration announcement is packaged in the last 23 bits of 238.x.x.x. In this case, the complete parameter information needs to be transmitted using multiple specific data frames since each specific address data package has only 23 bits for transmitting the parameter information.
- the WLAN-enabled device 10 sniffs (when operating in a scan-sniff mode) and receives the access configuration announcement transmitted by the intelligent terminal device 20 , to acquire the unique identification information 21 and the encrypted access information 31 .
- the WLAN-enabled device 10 generates the KEY 1 using the unique identification information 21 and the preset pre-shared key KEY 0 , and decrypts the encrypted access information 31 using the KEY 1 , to acquire the access information 31 .
- the advantage of this manner lies in that transmission of the access information 31 may be implemented between the intelligent terminal and the WLAN-enabled device without bidirectional data interaction, thus the WLAN-enabled device 10 is not required to have communication data interaction capability, thereby reducing a cost of the device 10 .
- the key material 11 is unique identification information 12 of the WLAN-enabled device 10 .
- the unique identification information 12 of the WLAN-enabled device 10 may be a serial number, a one-dimensional bar code, a two-dimensional code, NFC readable information, or certain information in a product specification.
- This implementation includes the following step S 100 to S 400 .
- step S 100 the intelligent terminal device 20 acquires the unique identification information 12 of the WLAN-enabled device 10 .
- step S 200 the intelligent terminal device 20 generates the KEY 1 using its own unique identification information 21 and the unique identification information 12 of the WLAN-enabled device 10 , and encrypts the access information 31 of the wireless access device 30 known by the intelligent terminal device 20 using the KEY 1 .
- step S 300 the intelligent terminal device 20 transmits the access information 31 encrypted using the KEY 1 as well as its own unique identification information 21 .
- step S 400 the WLAN-enabled device 10 receives the unique identification information 21 and the encrypted access information 31 , generates the KEY 1 using the unique identification information 21 and the preset unique identification information 12 , and decrypts the encrypted access information 31 using the key KEY 1 , to acquire the access information 31 .
- the WLAN-enabled device 10 can access to the wireless access device 30 using the decrypted access information 31 , thereby accessing to the network.
- the steps S 100 to S 200 may be implemented in the following manner.
- the user logs into an APP on the intelligent terminal device 20 .
- the APP submits user registration information (which may adopt a username-password mechanism) and the unique identification information 21 to a background server.
- the background server authenticates a user identity based on the APP user registration information.
- the APP acquires the unique identification information 12 (the unique identification information 12 may be a serial number or certain information in a produce specification, in which case the user may manually input the unique identification information 12 such that the APP acquires the unique identification information 12 ; or the unique identification information 12 may also be a one-dimensional bar code, a two-dimensional code or NFC readable information, in which case the APP can acquire the unique identification information 12 by scanning) of the WLAN-enabled device 10 which needs to perform access, through user operation upon successful authentication, such that the intelligent terminal device 20 derives the KEY 1 based on the unique identification information 12 and the unique identification information 21 of the intelligent terminal device 20 .
- the advantage of this manner lies in that security of the overall implementation may be further enhanced by managing and controlling the APP.
- the APP is easy to use for the user and has a good user experience. Generally, only the user who purchases the WLAN-enabled device 10 or a person authorized by the user can acquire the unique identification information 12 , thus the security is enhanced.
- the steps S 300 to S 400 may be implemented in the following manner.
- the intelligent terminal device 20 issues an access configuration announcement via an air interface by transmitting a specific address data frame (a specific multicast address) or a WLAN management frame.
- Announcement information includes the access information 31 encrypted using the KEY 1 and includes the unique identification information 21 .
- a management frame of a currently reserved type may be used, and the access configuration announcement is packaged in a data frame body of the management frame.
- the access configuration announcement is packaged in the last 23 bits of 238.x.x.x. In this case, the complete parameter information needs to be transmitted using multiple specific data frames since each specific address data package has only 23 bits for transmitting the parameter information.
- the WLAN-enabled device 10 sniffs (when operating in a scan-sniff mode) and receives the access configuration announcement transmitted by the intelligent terminal device 20 , to acquire the unique identification information 21 and the encrypted access information 31 .
- the WLAN-enabled device 10 generates the KEY 1 using the unique identification information 21 and the preset unique identification information 12 , and decrypts the encrypted access information 31 using the KEY 1 , to acquire the access information 31 .
- the WLAN-enabled device 10 for implementing the above method is further provided according to the present disclosure.
- the WLAN-enabled device 10 includes a storage unit 101 , a transceiving unit 201 , and a processing unit 301 .
- the storage unit 101 is configured to store a preset key material 11 .
- the transceiving unit 201 is configured to receive unique identification information 21 of an intelligent terminal device 20 and encrypted access information 31 of a wireless access device transmitted by the intelligent terminal device 20 .
- the processing unit 301 is configured to generate a KEY 1 using the unique identification information 21 and the key material 11 , and decrypt the encrypted access information 31 using the KEY 1 , to acquire the access information 31 .
- the key material 11 may include a pre-shared key KEY 0 .
- the pre-shared key KEY 0 is distributed by a key center KC.
- the key material 11 may include unique identification information 12 of the WLAN-enabled device 10 .
- the intelligent terminal device 20 includes a storage unit 102 , a transceiving unit 202 , and a processing unit 302 .
- the storage unit 102 is configured to store unique identification information 21 of the intelligent terminal device 20 , access information 31 of a wireless access device 30 known by the intelligent terminal device 20 , and a key KEY 1 acquired by the intelligent terminal device 20 .
- the processing unit 302 is configured to encrypt the access information 31 using the KEY 1 .
- the transceiving unit 202 is configured to transmit the unique identification information 21 of the intelligent terminal device 20 and the encrypted access information 31 .
- the key material 11 may include a pre-shared key KEY 0 .
- the KEY 0 is distributed by a key center KC.
- the transceiving unit 202 is further configured to transmit the unique identification information 21 to the key center KC, and receive the key KEY 1 derived by the key distribution center KC based on the KEY 0 and the unique identification information 21 .
- the intelligent terminal device 20 may further include an APP for invoking the transceiving unit 202 to transmit user registration information (which may adopt a username-password mechanism) and the unique identification information 21 to the key distribution center KC, and receiving the KEY 1 distributed by the KC.
- the key material 11 may include unique identification information 12 of the WLAN-enabled device 10 .
- the intelligent terminal device 20 further includes an acquisition unit 402 configured to acquire the unique identification information 12 .
- the unique identification information 12 may be a serial number or certain information in a product specification.
- the acquisition unit 402 acquires the unique identification information 12 by means of manual user input.
- the unique identification information 12 may be a one-dimensional bar code, a two-dimensional code or NFC readable information. In this case, the acquisition unit 402 acquires the unique identification information 12 by scanning.
- the intelligent terminal device 20 may further include an APP for invoking the transceiving unit 202 to transmit the user registration information (which may adopt a username-password mechanism) of the APP to a background server for authentication, and generating or invoking the processing unit 302 to generate the KEY 1 using the unique identification information 21 and the unique identification information 12 upon successful authentication.
- an APP for invoking the transceiving unit 202 to transmit the user registration information (which may adopt a username-password mechanism) of the APP to a background server for authentication, and generating or invoking the processing unit 302 to generate the KEY 1 using the unique identification information 21 and the unique identification information 12 upon successful authentication.
- the proceeding program may be stored in a computer readable storage medium.
- the storage medium includes a magnetic disc, an optic disc, a read-only memory (ROM), a random access memory (RAM), or the like.
Abstract
Description
-
- step S1, acquiring, by an
intelligent terminal device 20, a key KEY1, where the KEY1 may be acquired from outside of theintelligent terminal device 20 or locally generated in theintelligent terminal device 20, and the KEY1 is generated using the key material 11 of the WLAN-enableddevice 10 andunique identification information 21 of theintelligent terminal 20; - step S2, encrypting, by the
intelligent terminal device 20, theaccess information 31 of thewireless access device 30 known by theintelligent terminal device 20 using the KEY1; and transmitting, by theintelligent terminal device 20, theencrypted access information 31 as well as theunique identification information 21; and - step S3, receiving, by the WLAN-enabled
device 10, theunique identification information 21 and theencrypted access information 31; generating, by the WLAN-enableddevice 10, the KEY1 using theunique identification information 21 and the preset key material 11; and decrypting, by the WLAN-enableddevice 10, theencrypted access information 31 using the KEY1, to acquire theaccess information 31.
- step S1, acquiring, by an
-
- the
storage unit 101 is configured to store a preset key material 11; - the transceiving
unit 201 is configured to receiveunique identification information 21 of anintelligent terminal device 20 and encryptedaccess information 31 of a wireless access device transmitted by theintelligent terminal device 20; and - the
processing unit 301 is configured to generate a KEY1 using theunique identification information 21 and the key material 11, and decrypt theencrypted access information 31 using the KEY1, to acquire theaccess information 31.
- the
-
- the
storage unit 102 is configured to storeunique identification information 21 of theintelligent terminal device 20,access information 31 of awireless access device 30 known by theintelligent terminal device 20, and a key KEY1 acquired by theintelligent terminal device 20; - the
processing unit 302 is configured to encrypt theaccess information 31 using the KEY1; and - the transceiving
unit 202 is configured to transmit theunique identification information 21 of theintelligent terminal device 20 and theencrypted access information 31.
- the
Claims (13)
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410742548.3A CN105721409B (en) | 2014-12-03 | 2014-12-03 | The method of equipment access network with WLAN function and the equipment for realizing this method |
CN201410742548.3 | 2014-12-03 | ||
CN201410742548 | 2014-12-03 | ||
PCT/CN2015/092835 WO2016086739A1 (en) | 2014-12-03 | 2015-10-26 | Method for device having wlan function to access network and device for implementing method |
Publications (2)
Publication Number | Publication Date |
---|---|
US20170338972A1 US20170338972A1 (en) | 2017-11-23 |
US10554431B2 true US10554431B2 (en) | 2020-02-04 |
Family
ID=56090980
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/525,602 Active 2036-10-12 US10554431B2 (en) | 2014-12-03 | 2015-10-26 | Method for device having WLAN function to access network and device for implementing method |
Country Status (6)
Country | Link |
---|---|
US (1) | US10554431B2 (en) |
EP (1) | EP3229512B1 (en) |
JP (1) | JP6818680B2 (en) |
KR (1) | KR101980986B1 (en) |
CN (1) | CN105721409B (en) |
WO (1) | WO2016086739A1 (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106200408A (en) * | 2016-08-26 | 2016-12-07 | 特斯联(北京)科技有限公司 | A kind of Smart Home based on cloud computing is equipped with method and system |
CN106412882B (en) * | 2016-10-19 | 2020-01-24 | 深圳市晟碟半导体有限公司 | Method and system for intelligent equipment to access wireless network |
CN107148016A (en) * | 2017-04-20 | 2017-09-08 | 宇龙计算机通信科技(深圳)有限公司 | Terminal connection method, device and electronic equipment |
WO2019192935A1 (en) * | 2018-04-06 | 2019-10-10 | Interdigital Ce Patent Holdings | Transfer of credentials during network device insertion |
Citations (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH10210024A (en) | 1997-01-28 | 1998-08-07 | Oki Electric Ind Co Ltd | Cipher communication system |
JP2002300411A (en) | 2001-04-02 | 2002-10-11 | Murata Mach Ltd | Facsimile communication method and facsimile |
CN101064628A (en) | 2006-04-28 | 2007-10-31 | 华为技术有限公司 | Household network appliance safe management system and method |
JP2008211511A (en) | 2007-02-26 | 2008-09-11 | Konica Minolta Business Technologies Inc | Print system |
CN101335647A (en) | 2008-07-24 | 2008-12-31 | 中兴通讯股份有限公司 | Family network access method and family network management system |
US20110103589A1 (en) * | 2008-05-29 | 2011-05-05 | China Iwncomm Co., Ltd. | Key distributing method, public key of key distribution centre online updating method and device |
JP2011205489A (en) | 2010-03-26 | 2011-10-13 | Panasonic Corp | Radio communication device and radio communication method |
JP2012080152A (en) | 2010-09-30 | 2012-04-19 | Mitsubishi Space Software Kk | Encryption system, encryption apparatus, decryption apparatus, encryption system program and encryption method |
US20120265996A1 (en) * | 2011-04-15 | 2012-10-18 | Madis Kaal | Permitting Access To A Network |
US20130022196A1 (en) * | 2011-07-19 | 2013-01-24 | Kabushiki Kaisha Toshiba | Information processing apparatus, server apparatus, and computer program product |
US20130081113A1 (en) * | 2011-09-27 | 2013-03-28 | George Cherian | Methods of and systems for remotely configuring a wireless device |
US8495373B2 (en) * | 2008-10-20 | 2013-07-23 | Koninklijke Philips N.V. | Method of generating a cryptographic key, network and computer program therefor |
WO2013127014A1 (en) | 2012-03-01 | 2013-09-06 | Certicom Corp. | System and method for connecting client devices to a network |
CN103607713A (en) | 2013-10-29 | 2014-02-26 | 小米科技有限责任公司 | Method, apparatus, device and system for network access |
CN103607710A (en) | 2013-12-02 | 2014-02-26 | 北京东方泰华投资有限公司 | Quick connection method and device for wireless devices and intelligent terminal |
CN104125566A (en) | 2014-05-23 | 2014-10-29 | 曦威胜科技开发(深圳)有限公司 | Method for wireless AP network loitering prevention for multiplex intelligent terminal |
US20140373123A1 (en) | 2013-06-18 | 2014-12-18 | Samsung Electronics Co., Ltd. | Service providing method and electronic device using the same |
US20150012743A1 (en) * | 2012-02-14 | 2015-01-08 | Nokia Corporation | Device to device security using naf key |
-
2014
- 2014-12-03 CN CN201410742548.3A patent/CN105721409B/en active Active
-
2015
- 2015-10-26 EP EP15864568.9A patent/EP3229512B1/en active Active
- 2015-10-26 WO PCT/CN2015/092835 patent/WO2016086739A1/en active Application Filing
- 2015-10-26 US US15/525,602 patent/US10554431B2/en active Active
- 2015-10-26 JP JP2017528900A patent/JP6818680B2/en active Active
- 2015-10-26 KR KR1020177016767A patent/KR101980986B1/en active IP Right Grant
Patent Citations (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH10210024A (en) | 1997-01-28 | 1998-08-07 | Oki Electric Ind Co Ltd | Cipher communication system |
JP2002300411A (en) | 2001-04-02 | 2002-10-11 | Murata Mach Ltd | Facsimile communication method and facsimile |
CN101064628A (en) | 2006-04-28 | 2007-10-31 | 华为技术有限公司 | Household network appliance safe management system and method |
US20090083846A1 (en) | 2006-04-28 | 2009-03-26 | Huawei Technologies Co., Ltd. | System and method for security management of home network |
JP2008211511A (en) | 2007-02-26 | 2008-09-11 | Konica Minolta Business Technologies Inc | Print system |
US20110103589A1 (en) * | 2008-05-29 | 2011-05-05 | China Iwncomm Co., Ltd. | Key distributing method, public key of key distribution centre online updating method and device |
CN101335647A (en) | 2008-07-24 | 2008-12-31 | 中兴通讯股份有限公司 | Family network access method and family network management system |
US8495373B2 (en) * | 2008-10-20 | 2013-07-23 | Koninklijke Philips N.V. | Method of generating a cryptographic key, network and computer program therefor |
JP2011205489A (en) | 2010-03-26 | 2011-10-13 | Panasonic Corp | Radio communication device and radio communication method |
JP2012080152A (en) | 2010-09-30 | 2012-04-19 | Mitsubishi Space Software Kk | Encryption system, encryption apparatus, decryption apparatus, encryption system program and encryption method |
US20120265996A1 (en) * | 2011-04-15 | 2012-10-18 | Madis Kaal | Permitting Access To A Network |
US20130022196A1 (en) * | 2011-07-19 | 2013-01-24 | Kabushiki Kaisha Toshiba | Information processing apparatus, server apparatus, and computer program product |
US20130081113A1 (en) * | 2011-09-27 | 2013-03-28 | George Cherian | Methods of and systems for remotely configuring a wireless device |
US20150012743A1 (en) * | 2012-02-14 | 2015-01-08 | Nokia Corporation | Device to device security using naf key |
WO2013127014A1 (en) | 2012-03-01 | 2013-09-06 | Certicom Corp. | System and method for connecting client devices to a network |
US20140373123A1 (en) | 2013-06-18 | 2014-12-18 | Samsung Electronics Co., Ltd. | Service providing method and electronic device using the same |
CN103607713A (en) | 2013-10-29 | 2014-02-26 | 小米科技有限责任公司 | Method, apparatus, device and system for network access |
CN103607710A (en) | 2013-12-02 | 2014-02-26 | 北京东方泰华投资有限公司 | Quick connection method and device for wireless devices and intelligent terminal |
CN104125566A (en) | 2014-05-23 | 2014-10-29 | 曦威胜科技开发(深圳)有限公司 | Method for wireless AP network loitering prevention for multiplex intelligent terminal |
Non-Patent Citations (8)
Title |
---|
Chinese 1st Office Action dated Jun. 21, 2018 in connection with Application No. 201410742548. |
EP 15864568.9, Nov. 6, 2017, Extended European Search Report. |
Extended European Search Report for Application No. 15864568.9 dated Nov. 6, 2017. |
International Search Report for Application No. PCT/CN2015/092835 dated Jan. 17, 2016. |
Japanese 1st Office Action dated Jul. 2, 2018 in connection with Application No. 2017-528900. |
JP2017-528900, Mar. 11, 2019, Office Action. |
Office Action for Japanese Application No. 2017-528900, dated Mar. 11, 2019. |
PCT/CN2015/092835, Jan. 17, 2016, International Search Report. |
Also Published As
Publication number | Publication date |
---|---|
CN105721409B (en) | 2019-06-25 |
JP6818680B2 (en) | 2021-01-20 |
WO2016086739A1 (en) | 2016-06-09 |
JP2018500820A (en) | 2018-01-11 |
KR20170085120A (en) | 2017-07-21 |
EP3229512A4 (en) | 2017-12-06 |
EP3229512A1 (en) | 2017-10-11 |
CN105721409A (en) | 2016-06-29 |
US20170338972A1 (en) | 2017-11-23 |
KR101980986B1 (en) | 2019-05-21 |
EP3229512B1 (en) | 2019-04-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10667131B2 (en) | Method for connecting network access device to wireless network access point, network access device, and application server | |
US8509442B2 (en) | Association, authentication, and security in a network | |
EP3065334A1 (en) | Key configuration method, system and apparatus | |
WO2018137351A1 (en) | Method, relevant device and system for processing network key | |
WO2019041802A1 (en) | Discovery method and apparatus based on service-oriented architecture | |
CN101772024B (en) | User identification method, device and system | |
KR20160021814A (en) | Wireless configuration using passive near field communication | |
KR20110054737A (en) | Secure channel establishment method and apparatus in short range communication | |
JPWO2005101727A1 (en) | Communication apparatus, communication system, and authentication method | |
EP3537652B1 (en) | Method for securely controlling smart home appliance and terminal device | |
US10554431B2 (en) | Method for device having WLAN function to access network and device for implementing method | |
CN101500229A (en) | Method for establishing security association and communication network system | |
JP2008510409A (en) | Method and system for setting up a secure environment in a wireless universal plug and play (UPnP) network | |
EP2993933B1 (en) | Wireless terminal configuration method, apparatus and wireless terminal | |
KR20160058491A (en) | Method and apparatus for providing services based on identifier of user device | |
CN105025472B (en) | A kind of WIFI access points enciphering hiding and the method and its system of discovery | |
EP2890083B1 (en) | Key distribution system and method | |
KR20150057802A (en) | System and the Method of Key Management for Sensor Network Security | |
KR20050033628A (en) | Security system for apparatuses in a network | |
CN110943835A (en) | Distribution network encryption method and system for sending wireless local area network information | |
CN104902473A (en) | Wireless network access authentication method and device based on CPK (Combined Public Key Cryptosystem) identity authentication | |
KR101172876B1 (en) | System and method for performing mutual authentication between user terminal and server | |
CN109949457A (en) | Intelligent door lock control method and relevant apparatus | |
WO2022094936A1 (en) | Access method, device, and cloud platform device | |
CN111163468A (en) | Communication connection method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CHINA IWNCOMM CO., LTD., CHINA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HU, YANAN;ZHANG, BIANLING;WANG, YUEHUI;AND OTHERS;REEL/FRAME:042374/0574 Effective date: 20170510 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2551); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY Year of fee payment: 4 |